NSA official says industry lags on security

NSA official says industry lags on security

By William Jackson

GCN Staff

APRIL 10—The government is getting inadequate help from industry in securing sensitive but unclassified data, a National Security Agency official said yesterday.

'For high assurance, we will continue to build our own,' said Brian D. Snow, technical director of NSA's Information Assurance Directorate.

'Shame on you,' Snow told an audience of industry representatives at the RSA Conference 2001 in San Francisco. 'You should be doing it better.'

Snow did not call for new security features but said existing ones in operating systems, applications and hardware should be better designed, tested and implemented.

'Through the coming five-year span I see little improvement in assurance, hence little true security,' he said.

Snow said NSA is not pushing for legislation to mandate security standards, but he thinks users might demand it if they suffer enough losses from software flaws.

'If I had to bet, I'd bet on legislation if the industry doesn't act,' he said.

NSA, which once shunned public exposure, now frequently takes part in public forums such as the RSA conference, sponsored by RSA Security Inc. of Bedford, Mass


  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected